At present, a common authentication method is to perform safety verification by using a verification code carried in an SMS.
In an Android operating system, a third party application may be authorized to read an SMS. If the third party application is a malicious application, the third party application may read a verification code in the SMS so as to acquire an authority of executing a sensitive operation, such as an authority of executing a payment operation, and an authority of executing registration and login and so on.